package com.tjcd.project.library_base.base.network;

import java.security.KeyStore;
import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/**
 * @Author jiangKunKun
 * @CreateDate 2022/1/11
 * @Description
 * @SpittingGrooves
 */
public class SSLSocketClient {

    private static SSLSocketFactory sSLSocketFactory;
    private static HostnameVerifier hostnameVerifier;

    static {
        try {
            // 创建一个不验证证书链的信任管理器
            TrustManager[] trustAllCerts = new TrustManager[]{
                    new X509TrustManager() {
                        @Override
                        public void checkClientTrusted(X509Certificate[] chain, String authType) {}

                        @Override
                        public void checkServerTrusted(X509Certificate[] chain, String authType) {}

                        @Override
                        public X509Certificate[] getAcceptedIssuers() {
                            return new X509Certificate[0];
                        }
                    }
            };

            // 安装所有信任的管理器
            SSLContext sslContext = SSLContext.getInstance("TLS");
            sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
            sSLSocketFactory = sslContext.getSocketFactory();

            // 创建一个不验证主机名的主机名验证器
            hostnameVerifier = (hostname, session) -> true;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static SSLSocketFactory getSSLSocketFactory() {
        return sSLSocketFactory;
    }

    public static HostnameVerifier getHostnameVerifier() {
        return hostnameVerifier;
    }

    private static X509TrustManager trustManager;

    static {
        try {
            // 初始化 TrustManagerFactory
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null); // 使用默认的 KeyStore

            // 获取信任管理器
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers.length == 0 || !(trustManagers[0] instanceof X509TrustManager)) {
                throw new IllegalStateException("Unexpected default trust managers:" + trustManagers);
            }
            trustManager = (X509TrustManager) trustManagers[0];

            // 创建 SSLContext 并初始化
            SSLContext sslContext = SSLContext.getInstance("TLS");
            sslContext.init(null, trustManagers, new java.security.SecureRandom());

            // 获取 SSLSocketFactory
            sSLSocketFactory = sslContext.getSocketFactory();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static X509TrustManager getTrustManager() {
        return trustManager;
    }
}
